Bill(_dot_)Oxley(_at_)cox(_dot_)com wrote:
> Wordy answer but +1 on what a dkim sig means

Besides the basic definition of a digital signature, to me, a DKIM means
there is a new level of expectations of how mail should be viewed and
handled. It raises the bar to a new non-legacy level of mail transactions.

So if a DKIM participating domain is expecting verifiers to treat DKIM
any differently than the rest, then it better do so in a Protocol
Consistent, collaboration and consistent non-repudiation model or
framework that is the basis of all digital signature technology.

Without a policy concept, DKIM-BASE has a high degree of implementation
security and engineering concerns that can potentially make many systems
vulnerable, including the domain that is attempting to use DKIM-BASE and
those who are not participating in the DKIM-BASE model.

To assume DKIM-BASE must be tied to a reputation service for it to work
is only going to make all the security and engineering concerns a reality.

My opinion, but I strongly believe it.

--
Sincerely
Hector Santos, CTO
http://www.santronics.com
http://santronics.blogspot.com
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html